<?php
include ("../main/inc/global.inc.php");

require_once (api_get_path(LIBRARY_PATH).'formvalidator/FormValidator.class.php');
require_once (api_get_path(LIBRARY_PATH).'usermanager.lib.php');
require_once (api_get_path(CONFIGURATION_PATH).'profile.conf.php');

// Access gate: per the platform API, only logged-in users get past this call.
api_block_anonymous_users();

// Emit the page header, titled "File List".
Display::display_header('File List');

// $_user is read further down for the id of the current user.
global $_user;

?>
<?php
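// Open the database connection used by every query on this page.
// NOTE(security): host, account and password are hard-coded in this web-served
// file, and the account is the MySQL superuser with a guessable password.
// Read the connection settings from the platform configuration instead, and
// use an account restricted to the tables this page touches.
// NOTE(review): the mysql_* extension was removed in PHP 7; migrating the page
// to mysqli or PDO with prepared statements has to be done for the whole file
// at once, because every section shares $link.
$link = mysql_connect("localhost", "root", "root");
if ($link === false || !mysql_select_db("dokeos_main", $link)) {
  // Stop here: every statement below needs a working connection. The detail
  // goes to the server log only, so nothing about the database is shown to
  // the visitor.
  error_log('File list page: database connection failed');
  echo "<p>The file list is temporarily unavailable.</p>";
  Display::display_footer();
  exit;
}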


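// Ignoring invitation?
// Deletes the current user's pending invitation for the file given in ?fileid.
// NOTE(security): this is a state change triggered by a plain GET link with no
// anti-CSRF token, so any page the user visits can trigger it on their behalf.
// It should become a POST carrying a per-session token that is verified here;
// that change also has to be made where the "Ignore" link is generated.
if (isset($_GET['act'], $_GET['fileid']) && $_GET['act'] === "ignore")
{
  // Both ids are forced to integers before they are placed in the SQL text.
  $fileId = intval($_GET['fileid']);
  $userId = intval($_user['user_id']);
  $query = "DELETE FROM file_user_invitation WHERE userid = $userId AND fileid = $fileId";
  // Report success only when the statement actually ran.
  if (mysql_query($query, $link)) {
    echo "<p>Invitation ignored.</p>";
  } else {
    echo "<p>Invitation could not be ignored.</p>";
  }
}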

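// Accepting invitation?
// Turns the current user's pending invitation for ?fileid into a file_user row
// carrying the access level stored with the invitation, then removes the
// invitation.
// NOTE(security): like "ignore", this is a state change on a GET link with no
// anti-CSRF token; it should be a POST with a token verified here.
if (isset($_GET['act'], $_GET['fileid']) && $_GET['act'] === "accept")
{
  // Both ids are forced to integers before they are placed in the SQL text.
  $fileId = intval($_GET['fileid']);
  $userId = intval($_user['user_id']);

  $sql_access = "SELECT access from file_user_invitation WHERE userid = $userId and fileid = $fileId";
  $result_access = mysql_query($sql_access, $link);
  $row = $result_access ? mysql_fetch_assoc($result_access) : false;

  // Access level => array(isowner, canread, canedit).
  $access_flags = array(
    "isOwner" => array(1, 1, 1),
    "canEdit" => array(0, 1, 1),
    "canRead" => array(0, 1, 0),
  );

  // Authorization check: a file_user row is created only when an invitation
  // for this user and file exists and names a known access level. Without it,
  // any logged-in user could attach an arbitrary file id to their own list
  // simply by requesting ?act=accept&fileid=N.
  if ($row && isset($access_flags[$row['access']])) {
    list($is_owner, $can_read, $can_edit) = $access_flags[$row['access']];

    $sql = "INSERT INTO file_user (fileId, userid, isowner, canread, canedit)
          VALUES
          ('$fileId','$userId','$is_owner','$can_read', '$can_edit')";
    $result = mysql_query($sql, $link);
    if ($result) {
      echo "File sharing is successful!";
    } else {
      echo "File sharing is not successful";
    }

    // The invitation is consumed once it has been acted on.
    $query = "DELETE FROM file_user_invitation WHERE userid = $userId AND fileid = $fileId";
    mysql_query($query, $link);
  } else {
    echo "File sharing is not successful";
  }
}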

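// Have invitation?
// Lists the current user's pending invitations with Accept / Ignore links.
// NOTE(review): the query joins `user` on fui.userid, which is the invited
// (current) user, so the "Uploader" column appears to show the invitee's own
// name rather than the uploader's; confirm which user id should be joined.
$userId = intval($_user['user_id']);
$sql_invitation = "SELECT fui.fileid, f.path, u.firstname, u.lastname from file_user_invitation fui, file f, user u WHERE fui.userid = $userId and fui.userid=u.user_id and fui.accepted = 0 and f.id=fui.fileid";
$result_invitation = mysql_query($sql_invitation, $link);
// Render the table only for a successful query that returned rows; a failed
// query used to fall through to the fetch loop with a non-resource.
if ($result_invitation && mysql_num_rows($result_invitation) > 0) {
  echo "<h2>File Invitations </h2>";
  echo "<table>";
  echo "<tr>
    <th>File name</th>
    <th>Uploader</th>
    <th>Action</th>
  </tr>";
  while ($row = mysql_fetch_assoc($result_invitation))
  {
    // File paths and user names are user-controlled data: HTML-escape them so
    // stored markup cannot run in the viewer's session. Pass the platform
    // charset as third argument if it differs from PHP's default.
    $invite_path = htmlspecialchars($row['path'], ENT_QUOTES);
    $invite_name = htmlspecialchars($row['firstname'] . ' ' . $row['lastname'], ENT_QUOTES);
    $invite_file_id = intval($row['fileid']);
    echo "<tr>
      <td>$invite_path</td>
      <td>$invite_name</td>
      <td><a href=\"?fileid=$invite_file_id&amp;act=accept\" target=\"_blank\" onclick=\"location.reload(true);\">Accept</a> <a href=\"?act=ignore&amp;fileid=$invite_file_id\" onclick=\"return confirm('Are you sure to ignore this invitation?');\">Ignore</a></td>
    </tr>";
  }
  echo "</table>";
}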

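// List files & options
// Shows every file linked to the current user through file_user, with a share
// form and an edit form per row.
// NOTE(review): the query does not look at the canread / canedit flags, so the
// Edit form is offered for every linked file; the receiving scripts must
// enforce those flags themselves.
$userId = intval($_SESSION['_user']['user_id']); // integer only, safe to place in the SQL text
$sql = "SELECT f.id, f.path, f.uploadId, u.username, f.createDateTime 
from file f, user u, file_user fu
where u.user_id = " . $userId . "
and u.user_id = fu.userid
and f.id = fu.fileid";
$result = mysql_query($sql, $link);

echo "<div>";

echo "<h2>File List </h2>";
echo "<table align='left' border='1px solid black' border-collapse='collapse'>
<tr>
<th>File Path</th>
<th>Upload By</th>
<th>Create Date and Time</th>
<th>Share file</th>
<th>Options</th>
</tr>";

$fileIdCommentList = array();

// A failed query yields no rows instead of a fetch on a non-resource.
while ($result && ($row = mysql_fetch_array($result, MYSQL_ASSOC)))
{
    array_push($fileIdCommentList, $row);

    // Everything read from the database is HTML-escaped before output, and
    // every attribute value is quoted, so a crafted file name or user name
    // cannot close the attribute or inject markup.
    $file_id = intval($row['id']);
    $file_path = htmlspecialchars($row['path'], ENT_QUOTES);
    $uploader = htmlspecialchars($row['username'], ENT_QUOTES);
    $created = htmlspecialchars($row['createDateTime'], ENT_QUOTES);

    echo "<tr>";
    echo "<td><a href='" . $file_path . "'>" . $file_path . "</a></td>";
    echo "<td>" . $uploader . "</td>";
    echo "<td>" . $created . "</td>";
    echo "<td> Share with (enter username here):<form id='shareFileForm' action='ShareFileInvite.php' method='post'>
            <input type='hidden' name='sharefile_fileId' value='" . $file_id . "'>
            <input type='text' name='sharefile_username'>
            <select name='sharefile_userAccess'>
              <option value='isOwner'>Is Owner</option>
              <option value='canRead'>Can Read</option>
              <option value='canEdit'>Can Edit</option>
            </select>
            <input type='submit' name='sharefile_submitUserId' value='Share'>
          </form></td>";
    // NOTE(security): editfile_filePath travels through the browser, so the
    // user can change it before submitting. editor.php should look the path up
    // from editfile_fileId after checking file_user, not trust this field.
    echo "<td> <form id='editFileForm' action='editor.php' method='post'>
                <input type='hidden' name='editfile_fileId' value='" . $file_id . "'>
                <input type='hidden' name='editfile_filePath' value='../upload/" . $file_path . "'>
                <input type='submit' name='editfile_edit' value='Edit'>
              </form></td>";
    echo "</tr>";
}
echo "</table>";

mysql_close($link);

echo "</div>";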
?>

<?php
// Close the page with the platform footer.
Display::display_footer();
?>

<script>

// Opens ShareFile.php in a non-resizable 500x350 popup window.
function openShareFileWindow() {
	var popupFeatures = "status=yes, height=350, width=500, resizable=0";
	window.open("ShareFile.php", "Share file", popupFeatures);
}
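// Posts the text of the input "comment<fileId>" to SendComment.php and writes
// the response into the element "commentList<fileId>".
function sendComment(fileId)
{
  // Cast on the server side so the generated script always holds a number,
  // even when no user id is available.
  // NOTE(security): this value is sent from the browser and can be changed by
  // the user; SendComment.php should take the author from the session, not
  // from the uploadId field.
  var uploadId = <?php echo intval($_user['user_id']); ?>;
  var xmlhttp;
  var commentId = "comment" + fileId;
  var commentListId = "commentList" + fileId;
  var comment = document.getElementById(commentId).value;
  if (comment === "")
  {
    document.getElementById(commentId).value = "Nothing!";
    return;
  }
  if (window.XMLHttpRequest)
  { // code for IE7+, Firefox, Chrome, Opera, Safari
    xmlhttp = new XMLHttpRequest();
  }
  else
  { // code for IE6, IE5
    xmlhttp = new ActiveXObject("Microsoft.XMLHTTP");
  }
  xmlhttp.onreadystatechange = function()
  {
    if (xmlhttp.readyState === 4 && xmlhttp.status === 200)
    {
      document.getElementById(commentId).value = "Succeeded!";
      // NOTE(security): the response is inserted as HTML, so SendComment.php
      // must HTML-escape every comment it echoes back; otherwise a stored
      // comment can run script for each user who views it.
      document.getElementById(commentListId).innerHTML = xmlhttp.responseText;
    }
  };

  // Each value is URL-encoded: a comment containing "&", "=", "+" or "%" used
  // to be split into extra form fields or silently altered.
  var parameters = "fileId=" + encodeURIComponent(fileId) +
    "&uploadId=" + encodeURIComponent(uploadId) +
    "&comment=" + encodeURIComponent(comment);
  xmlhttp.open("POST", "SendComment.php", true);
  xmlhttp.setRequestHeader("Content-type", "application/x-www-form-urlencoded");
  xmlhttp.send(parameters);
}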

</script>
